LTS will soon be implementing important changes to Duo two factor authentication. 

Why the change?

Attackers continue to develop more sophisticated methods into manipulating users to bypass the protections of passwords and insecure two-factor authentication. Library and Technology Services is responding by increasing the security required to access your computing account.

What will change?

Beginning March 4, 2024, insecure authentication methods will no longer function. The following options will be removed: 

  • SMS (text)
  • Phone call
  • Duo mobile app passcode generation
  • Duo token number generator

If you are using one of these methods as your primary second factor, update it with one of the secure options as soon as possible. You can add or remove authentication methods at https://account.lehigh.edu/duo.

What can be used for a second factor moving forward?

  • Duo Mobile app with Push (Lehigh preferred method)
  • Physical USB FIDO2 compatible security key (works when your phone has no connection)
  • Printable backup codes

Need help?

For more information about Duo, including how-to articles, enrollment and sign in videos, and an extensive FAQ, visit our Two-Factor Authentication with Duo guide.

Want to learn more about Duo and the new changes? Sign up for Better security to protect you and your data (with new Duo updates). Sessions are offered in March, April, and May.

*Changes for new Lehigh accounts will be in effect beginning December 1, 2023

If you have any questions about the upcoming changes, please contact the LTS Help Desk at (610) 758-4357 or email helpdesk@lehigh.edu.

Sincerely,

Eric Zematis, CISSP, CISM, PMP
Chief Information Security Officer